Web API Mediation and XML/JSon Gateway for Cloud-based service Applications
An important part of Cloud API Management is to be able to appropriately route requests:
- Are requests being sent to the right API version?
- How is load managed and distributed across Web services and API?
- Is there a need to expose SOAP based API as REST and vice versa?
- Do you need to be able to limit the usage of an API?
- Are exceptions handled gracefully?
Manage the Message Flow
CloudGate acts as a XML/JSon gateway to enable runtime message mediation and content-based brokering for Web services and APIs. With CloudGate you can:
- Easily integrate different systems
- Transform SOAP <-> REST and JSON <-> XML as a policy
- Present http based API and Web Services as WebSocket applications
- Convert protocols from http to non-http and vice versa
- Create virtual services from artifacts of other services
- Create virtual SOAP based http services for databases. http <-> jdbc
- Automate message policy enforcement rules by consumer type
- Manage throttling, load balancing, and failover of messages
- Message Traffic flow control per second/minute/hour/daily
- Simplify and streamline exception handling
- Dynamically modify message schemas
- Create Web based services from JMS topics/quueues
- Dynamically validate message XML or JSON schema
Dynamic Message Modification and Protocol Transformation
Because services can be easily reused within a cloud environment, there may be instances when the consumer of the API doesn't necessarily send requests in a schema that is recognized by the provider. To prevent failures and deliver a robust cloud-based application, there must to be a way to dynamically modify a schema or a protocol so it can be immediately recognized by the provider. With CloudGate you can:
- Dynamically modify the schema of the request or the response by using xsl transformation
- Dynamically modify the schema by writing a proprietary algorithm to perform the modification
- Convert from http -> jms -> http or jms -> http -> jms protocols depending on your provider's protocol of choice
- Convert from http xml -> http JSON -> http XML or JSON -> http XML -> JSON protocols depending on your provider's protocol of choice
- Create adapters for other protocols to perform the conversion
CloudGate can be used to validate schema of the request and if there is a mismatch it will deny service access. CloudGate can perform both XML and Non-XML schema validation including JSON schema validation. You can view a quick demonstration of JSON schema validation here.
CloudGate has an open API to allow the user to write a specific schema validation algorithm for their type of protocol.
Response Caching and Compression
CloudGate can cache responses to speed deliver of responses to your clients and minimize the load on your servers. IT can use different compression techniques such as gzip to compress large payloads such as media streams and content .
Runtime Service Mediation and Brokering Functions
Use CloudGate as a Service Broker and API management gateway to enable runtime service mediation and message brokering. With CloudGate you can:
- Modify API messages in runtime to mediate between different systems
- Reroute service requests in runtime based on content checking rules such as service version
- Convert SOAP service requests to the JMS protocol and forward them to an ESB
- Create new protocol conversion mechanisms with the Open API
- Set exception-based routing and automate runtime exception handling to route messages to available services and provide exception response messages
- Throttle messages to allow only a specific number of messages to reach the service in a specific period of time
- Provide load balancing and failover support
API Virtualization and VersioningUse CloudGate as a XML gateway to virtualize and version services to the consumers of the service:
- Create new 'Virtual Service' by consolidating one or more operations from different services
- Hide specific operations within the service for different consumers of the service or based on a schedule
- Dynamically create WSDL's for the new Virtual Service
- Publish multiple versions of the same service
- Ensure backwards compatibility of the new service
JMS & Data Services Virtualization
CloudGate can be used to virtualize different types of services such JMS Topics or Database tables and present them as web services with a dynamically generated WSDL. To the consumer the service is a SOAP-based web service but in the backend the services could be either JMS Topics or database tables.
CloudGate performs a protocol conversion. HTTP SOAP <-> CloudGate <-> JMS or in case of database services HTTP SOAP <-> CloudGate <-> JDBC. For more information regarding this feature please send questions to firstname.lastname@example.org.
You can view a quick demonstration of the Data Services here.
Be able to present http based APIs and Web Services as WebSocket applications to your partners and clients
Message Routing and Throttling
CloudGate can be used to route mesasges based on the content of the message, a schedule or fault.
This is particularly beneficial when there are multiple versions of the service running and the request
needs to be re-routed to the correct version. CloudGate can also route requests based on time of day or day of week.
This is to make sure when there are scheduled downtimes the messages are routed correctly.
You can also build throttling SLA policies within CloudGate. This allows to send a specific number of messages to a service per minute, hourly, or daily. Some of CloudGate's throttling policies include
- Control the message flow on a per minute, per hour, or per day
- the number of messages sent to service for each individual consumer or globally. Creating a throttling SLA based on consumer using the service
- Control the number of messages sent to service on a per operation basis
- Set throttling schedules
Runtime Policy Enforcement Functions
Use the CloudGate service proxy deployment option to combine enforcement of automated policies on service access and usage with visibility into policy compliance. CloudGate enables you to:
- Block access to individual service operations based on time of day or date
- Create and manage WS-Policy assertions using CloudGate's internal repository and WS-Policy tools
- Automatically update service and policy information from a UDDI-compliant registry
- Monitor for policy compliance and compliance failures
- Set daily or hourly limits on the number of service requests that are forwarded
- Block service messages that exceed a certain size
- Throttle messages
- Apply protocol conversion (i.e. JMS ->HTTP or vice versa) with an open API for all protocol customization
Algorithm Based Policy Enforcement
CloudGate XML Gateway enforces policies based on most standards. For example CloudGate has full support for WS-Security standards and can automatically evaluate authentication parameters from WS-Security headers. What if the service is using a proprietary standard instead of WS-Security for transport of authentication information? Well in CloudGate most policies can be an algorithm through a published API that can be invoked to achieve the same result. Therefore the user can write the content of an algorithm, in java, that will be invoked as a policy of the services. CloudGate policy algorithm API's apply to most brokering and security policies within CloudGate.
The option for algorithm based policies within CloudGate include
- Dynamic Schema Modification - The ability to invoke an algorithm to modify the request or response for the service as a policy of the service
- UserName Token retrieval - The ability to invoke an algorithm to retrieve the username and password from the request header or body. Use this algorithm if the username and password are embedded in specific non-standard portion of the payload.
- Schema Validation - Invoke an algorithm to validate the schema of the request or response as a policy of the service
- XML Encryption - Invoke an algorithm to encrypt or decrypt part or all of the request/response payload. This is if using other non-standard XML encryption algorithms
- Exception based routing Policies - CloudGate allows the user to look for specific faults from the service to re-route the request. This can be done through X-path or invocation of an algorithm
- STS Integration - CloudGate can request and validate tokens from a Secure Token Service using WS-Trust but an algorithm policy can be set for proprietary STS integration protocols.
Closed-loop Service and Policy Management Functions
Increase efficiency in managing services and runtime policies by integrating CloudGate with a UDDI service registry. CloudGate's bi-directional registry synchronization capability lets you:
- Automatically query the service registry and update service information
- Automatically configure new service monitoring configurations in CloudGate by querying a service registry
- Automatically query the service registry and update CloudGate policy implementations
- Create, update and manage policies through the CloudGate interface
- Export CloudGate policy implementations as WS-Policy-complaint assertions to a UDDI registry
- Automatically update the service registry with service information and policy changes made using the CloudGate interface
Web Service Policy Profiles
Create a set of Policy profiles and assign them to a group of services as they are discovered. You can:
- Create policy profiles once and assign to a group of Web Services
- Assign multiple policy profiles to a Web Service. As an example, you can have one set of policies for internal consumers of the service and another set for external consumers of the service.